Andrew Geissler | 595f630 | 2022-01-24 19:11:47 +0000 | [diff] [blame] | 1 | SUMMARY = "A full-featured SSL VPN solution via tun device." |
| 2 | HOMEPAGE = "https://openvpn.net/" |
| 3 | SECTION = "net" |
| 4 | LICENSE = "GPLv2" |
| 5 | LIC_FILES_CHKSUM = "file://COPYING;md5=377a495e6f12b2a3adcee797e59540b8" |
| 6 | DEPENDS = "lzo openssl iproute2 ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" |
| 7 | |
| 8 | inherit autotools systemd update-rc.d |
| 9 | |
| 10 | SRC_URI = "http://swupdate.openvpn.org/community/releases/${BP}.tar.gz \ |
| 11 | file://openvpn \ |
| 12 | file://openvpn@.service \ |
| 13 | file://openvpn-volatile.conf" |
| 14 | |
| 15 | UPSTREAM_CHECK_URI = "https://openvpn.net/community-downloads" |
| 16 | |
| 17 | SRC_URI[sha256sum] = "7500df4734173bce2e95b5039079119dacaff121650b2b6ca76d2dc68bdac1c5" |
| 18 | |
| 19 | # CVE-2020-7224 and CVE-2020-27569 are for Aviatrix OpenVPN client, not for openvpn. |
Andrew Geissler | 7e0e3c0 | 2022-02-25 20:34:39 +0000 | [diff] [blame^] | 20 | CVE_CHECK_IGNORE += "CVE-2020-7224 CVE-2020-27569" |
Andrew Geissler | 595f630 | 2022-01-24 19:11:47 +0000 | [diff] [blame] | 21 | |
| 22 | SYSTEMD_SERVICE:${PN} += "openvpn@loopback-server.service openvpn@loopback-client.service" |
| 23 | SYSTEMD_AUTO_ENABLE = "disable" |
| 24 | |
| 25 | INITSCRIPT_PACKAGES = "${PN}" |
| 26 | INITSCRIPT_NAME:${PN} = "openvpn" |
| 27 | INITSCRIPT_PARAMS:${PN} = "start 10 2 3 4 5 . stop 70 0 1 6 ." |
| 28 | |
| 29 | CFLAGS += "-fno-inline" |
| 30 | |
| 31 | # I want openvpn to be able to read password from file (hrw) |
| 32 | EXTRA_OECONF += "--enable-iproute2" |
| 33 | EXTRA_OECONF += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', '', '--disable-plugin-auth-pam', d)}" |
| 34 | |
| 35 | # Explicitly specify IPROUTE to bypass the configure-time check for /sbin/ip on the host. |
| 36 | EXTRA_OECONF += "IPROUTE=${base_sbindir}/ip" |
| 37 | |
| 38 | do_install:append() { |
| 39 | install -d ${D}/${sysconfdir}/init.d |
| 40 | install -m 755 ${WORKDIR}/openvpn ${D}/${sysconfdir}/init.d |
| 41 | |
| 42 | install -d ${D}/${sysconfdir}/openvpn |
| 43 | install -d ${D}/${sysconfdir}/openvpn/sample |
| 44 | install -m 755 ${S}/sample/sample-config-files/loopback-server ${D}${sysconfdir}/openvpn/sample/loopback-server.conf |
| 45 | install -m 755 ${S}/sample/sample-config-files/loopback-client ${D}${sysconfdir}/openvpn/sample/loopback-client.conf |
| 46 | install -dm 755 ${D}${sysconfdir}/openvpn/sample/sample-keys |
| 47 | install -m 644 ${S}/sample/sample-keys/* ${D}${sysconfdir}/openvpn/sample/sample-keys |
| 48 | |
| 49 | if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then |
| 50 | install -d ${D}/${systemd_unitdir}/system |
| 51 | install -m 644 ${WORKDIR}/openvpn@.service ${D}/${systemd_unitdir}/system |
| 52 | install -m 644 ${WORKDIR}/openvpn@.service ${D}/${systemd_unitdir}/system/openvpn@loopback-server.service |
| 53 | install -m 644 ${WORKDIR}/openvpn@.service ${D}/${systemd_unitdir}/system/openvpn@loopback-client.service |
| 54 | |
| 55 | install -d ${D}/${localstatedir} |
| 56 | install -d ${D}/${localstatedir}/lib |
| 57 | install -d -m 710 ${D}/${localstatedir}/lib/openvpn |
| 58 | |
| 59 | install -d ${D}${sysconfdir}/tmpfiles.d |
| 60 | install -m 0644 ${WORKDIR}/openvpn-volatile.conf ${D}${sysconfdir}/tmpfiles.d/openvpn.conf |
| 61 | sed -i -e 's#@LOCALSTATEDIR@#${localstatedir}#g' ${D}${sysconfdir}/tmpfiles.d/openvpn.conf |
| 62 | fi |
| 63 | } |
| 64 | |
| 65 | PACKAGES =+ " ${PN}-sample " |
| 66 | |
| 67 | RRECOMMENDS:${PN} = "kernel-module-tun" |
| 68 | |
| 69 | FILES:${PN}-dbg += "${libdir}/openvpn/plugins/.debug" |
| 70 | FILES:${PN} += "${systemd_unitdir}/system/openvpn@.service \ |
| 71 | ${sysconfdir}/tmpfiles.d \ |
| 72 | " |
| 73 | FILES:${PN}-sample += "${systemd_unitdir}/system/openvpn@loopback-server.service \ |
| 74 | ${systemd_unitdir}/system/openvpn@loopback-client.service \ |
| 75 | ${sysconfdir}/openvpn/sample/" |